CVE-2024-43435

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-43435
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43435.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-43435
Aliases
Downstream
Published
2024-11-11T13:15:04.580Z
Modified
2026-03-12T08:29:02.503061Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type
GIT
Repo
https://github.com/moodle/moodle
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
aea9770cfc7d003a737f4899489d1e3982efe9ac
Introduced
ae4efa96ee8169a848c141ad21690165ea791552
Fixed
62c1f37d409241624a6b69119c754dcc3664b0ce
Introduced
fe7aff8093240cc373f1ddaa66ecb91c4bc0a09f
Fixed
fcf23db6be03ebe13077f881f0b4cf8757984452
Introduced
ee91c6536f99e1633e2245780c4fe7f47340ed66
Fixed
cc2edf3b8ccaa116e19ea2bb5daec7ed8adb3acd
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.1.12"
        },
        {
            "introduced": "4.2.0"
        },
        {
            "fixed": "4.2.9"
        },
        {
            "introduced": "4.3.0"
        },
        {
            "fixed": "4.3.6"
        },
        {
            "introduced": "4.4.0"
        },
        {
            "fixed": "4.4.2"
        }
    ]
}

Affected versions

v4.*
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.2.7
v4.2.8
v4.3.0
v4.3.0-beta
v4.3.0-rc1
v4.3.0-rc2
v4.3.1
v4.3.2
v4.3.3
v4.3.4
v4.3.5
v4.4.0
v4.4.0-beta
v4.4.0-rc1
v4.4.0-rc2
v4.4.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-43435.json"